1 reply to this topic

[Joshk]

I have noticed some interesting things in MFDeploy for security that I don't know how to use.  Things like "Sign Deployment File", "Create Key Pair", "Update Device Keys", and "Update SSL Seed".  Can someone what they can do and how to use them?  I haven't tried any of them yet because I'm afraid trial and error could cost me board or two.  Maybe others are curious too.

[Dan Kowalczyk]

I have been researching this topic and the best sources for understanding this feature have been the following articles:

• http://msdn.microsof...y/ee435036.aspx
• http://msdn.microsof...y/ee435045.aspx

 

From these articles and others on this forum, you can create a deployment by

1. Deploying through Visual Studio to the device
2. Using MFDeploy to create a .hex file and signing it with a key pair generated through MFDeploy

Now, the firmware you install on the Netduino (or other .NET Micro Framework device) can only be updated by those who can provide the public key associated with the private key used to sign the device application deployment.

 

Although I have been able to create deployment images, sign them with keys, and manage device keys for my firmware and deployment sectors, it all hasn't seemed to work. I am still able to load unsigned images onto my device. I will report back if I figure this out.